#VU41543 Buffer overflow in Xen
Vulnerability identifier: #VU41543
Vulnerability risk: Low
CVSSv3.1: 1.3 [CVSS:3.1/AV:A/AC:L/PR:/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-119
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Xen
Server applications /
Virtualization software
Vendor: Xen Project
Description
The vulnerability allows a remote #AU# to gain access to sensitive information.
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Xen: 3.2.0 - 4.4.0
External links
http://linux.oracle.com/errata/ELSA-2014-0926.html
http://linux.oracle.com/errata/ELSA-2014-0926-1.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
http://secunia.com/advisories/59208
http://secunia.com/advisories/60027
http://secunia.com/advisories/60130
http://secunia.com/advisories/60471
http://security.gentoo.org/glsa/glsa-201407-03.xml
http://support.citrix.com/article/CTX140984
http://www.debian.org/security/2014/dsa-3006
http://www.securityfocus.com/bid/68070
http://www.securitytracker.com/id/1030442
http://xenbits.xen.org/xsa/advisory-100.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
